Get documents about "Watermarking and Steganography
Document Sample
Watermarking and
Steganography
Watermarks
• First introduced in Bologna, Italy in 1282
• Dandy Roll presses pattern into drying paper
– Changes thickness of paper fibers
• Uses:
– By paper makers to identify their product
– Security for stamps, official documents.
– Stock certificates, money, etc.
– Chic
• Other “watermarks”
– Printing on plastic with a window.
(Australian $10 note)
Dandy Roll
J. Plank Features
• Pressed into paper •In-house watermark design
•Computerized design process
during paper-making •Quick-change sleeves and
sections
process
•Dandy roll
•7.25" diameter
•Watermarking possible
http://www.uwsp.edu/papersci/PM/Machine/Dandy.htm
Dandy Roll
• Wet pulp sprayed •High grade stainless steel construction
onto moving belt •Incorporates internal oscillating shower,
internal pan, internal steam shower and
• Dandy Roll external saveall pan
•Extended Header Brush for easy cleaning
pressed into pulp of shower pipe
• Dandy Roll looks
like oversized
printer‟s roll
covered with
pattern
Laser Printed “Watermarks”
• Used on bond
paper, but who
uses bond
paper?
– Doesn‟t work
well in inkjets
or laserjets
• “Watermarks”
with most print
drivers…
Printed Watermarks
• Looks great
• You can even put it in
your PDF file…which
is the problem!
• No security
Printed Document Authentication
Techniques
• Microprinting – Print that is too small to produce or copy
with conventional equipment
• Intaglio –engraved pattern used to press ink with great
force; raised letters
• Letterpress – Ink rolled raised type, leaving depression.
Used for printing numbers.
• Simultan press – precise registration of front and back.
(see-through register). Changing ink colors (rainbowing).
• Optically variable inks (change color depending on
angle)
• Metal foils & threads embedded in paper
• Security holograms
Lessons for paper authentication
• Security features should convey a message
relevant to the product.
– Use iridescent ink to print the banknote denomination
• Should obviously belong where they are
– They become “embedded in the user‟s cognitive
model.”
• Should be obvious
• Should not have competitors
• Should be standardized
Source: Security Engineering, Anderson
Information Hiding
• Copyright Marks:
– Watermarks - Hidden copyright messages
– Fingerprints – Hidden serial numbers
• Steganography
– Hidden messages.
• Other applications:
– Closed captioning (hidden in first 21 scan lines)
• http://www.robson.org/gary/writing/nv-line21.html
– Audio RDS (Radio Data Service)-like service
• “What‟s that song?”
Watermarks for Copyright Policy
• “never copy”
• “copy only once”
• “copy only at low quality”
JPMG Linnartz, “The „Ticket‟ Concept for Copy Control
Based on Embedded Signaling” (Anderson [504] )
Suggests a hash-based implementation of “copy only
once:”
– X is the ticket
– Record h(h(X)) on DVD
– Provided with X, DVD recorded stores h(X) on second-
generation copy.
The Broadcast Flag
• “Advanced Television Systems Committee Flag”
• Enable/Disable:
– high-quality digital output
– Re-transmitting on an “unprotected” channel
• In the future:
– Time-shifting?
– Disallow fast-forward through commercials
• Required on all digital TV cards sold after July 2005
• Only broadcast, not satellite or cable-transmitted.
“Losing Control of Your TV,” Technology Review, March 3, 2004
http://www.technologyreview.com/articles/04/03/wo_garfinkel030304.asp?p=1
Steganography
• A hidden message that can't be found by
humans
• A hidden message that can't be found by
an algorithm.
A hidden message that can be found by
an algorithm but not by a human.
• A hidden message that can be found by
some algorithms but not others.
[Wayner 2004]
What is Hidden?
Defining "Hidden" is not easy
– We run into the usual Goedel limits that prevents us
from being logical about detection.
– Humans are very different. Some
musicians have very, very good ears.
– Some algorithms leave statistical anomalies. The
message is often more random than the carrier
signal. These statistics can give away the message.
Who wants it?
• Evil doers. If evil messages can't be seen by good
people, evil will triumph. Osama bin Laden?
• Good doers. If the good guys can communicate in
secret, then good
will triumph. U.S. forces
• Content owners and copyright czars. Hidden messages
can carry information about rights to view, copy, share,
listen, understand, etc.
• Software Developers. "Hidden" channels can be added
to data structures without crashing previous versions.
Steganography can fight bit rot.
Models for Steganography
• Replace random number generators with the
message.
– This works if the random numbers are used in a detectable way.
– TCP/IP, for instance, uses a random number for connections.
Some grab this for their own purposes.
• Replace noise with the message.
– Just replace the least-significant bit.
– Avoid the noise and tweak the salient features.
• Anything not affected by compression.
– If you have the freedom to change data without hurting the data,
then you have the freedom to include another message.
Models for Steganography
• Structured Models
– Run some compression algorithm in reverse
• If the compression models the data accurately, then running
it in reverse should spit out something that models the data
well.
• Huffman algorithms give common letters short bit strings and
rare ones long ones.
– Change the structure or the order.
• GifEncoder, for instance, changes the order of the colors in
the palette.
– Synthesize something new and use the data to guide
the synthesis.
• Is the ghoul shooting at you in the game using a revolver or a
machine gun? That's one bit.
Noise
• The least significant bit of pixels or sound
files is very popular.
• Tweaking the LSB is only a small change.
Less than 1%.
– 140=10001100
– 141=10001101
• You can encrypt, too!
LSB modified to hide info
LSB Modification
• Side Effects:
– The data may not have the same statistical
pattern as the least significant bits being
replaced.
• Add a lot of noise, and it‟s obvious
4 LSB modified produces banding
More LSB Modification
6 bits
7 bits
8 out of 8 bits
All 8 bits
Bit 8 vs. Bit 1
Wayner Demos
• Information hiding at the bit level:
– http://www.wayner.org/books/discrypt2/bitleve
l.php
• Encoding information through list order:
– http://www.wayner.org/books/discrypt2/sorted.
php#note2
JPEG Watermarking
“Hide and Seek: An
Figure 2. Embedded information in a
Introduction to Steganography”
JPEG. (a) The unmodified
IEEE Security & Privacy
original picture; (b) the picture with the first
chapter of The Hunting
of the Snark embedded in it.
Mesh Watermarking
• Robust mesh watermarking, Emil Praun,
Hugues Hoppe, Adam Finkelstein,
July 1999
Proceedings of the 26th annual
conference on Computer graphics and
interactive techniques
Issues to evaluate
• “Capability”
– Payload carrying ability
– Detectability
– Robustness
• Securing information: Capacity is the wrong
paradigm, Ira S. Moskowitz, LiWu Chang,
Richard E. Newman ,
September 2002 Proceedings of the 2002
workshop on New security paradigms
SDMI –
Secure Digital Media Initiative
• SDMI (200+ companies) published an “Open
Letter to the Digital Community” with an SDMI
Challenge.
– Earn up to $10,000 for breaking their “watermarks”
– Challenge from September 15, 2000 – October 7,
2000
• SDMI Systems:
– Designed to prevent “remixing” of privated CDs
– Designed to survive MP3 compression
SDMI & The Academics
• The Academics:
– Scott Craver, Patrick McGregor, Min Wu, Bede Liu,
(Dept. of Electrical Engineering, Princeton University)
– Adam Stubblefield, Ben Swartzlander, Dan S.
Wallach (Dept. of Computer Science, Rice University)
– Edward W. Felten (Dept. of Computer Science,
Princeton University)
• What they did:
– Successfully removed the digital watermark from the
challenge audio samples.
• How did they know they did it?
– SDMI provided an “Oracle” that told them they did!
SDMI & Academics: Part 2
• Academics couldn‟t claim cash prize
– Doing so would have required signing a “confidentiality agreement” and
prohibit the academics from sharing results with the public
• DMCA didn‟t apply…
– … because SDMI specifically invited the work
• Felton &c decided to present their findings at the 4th International
Information Hiding Workshop April 25-29, 2001
• April 9, 2001 RIAA Senior VP for Business and Legal Affairs sent
Felton letter with veiled DMCA threats
• April 26, 2001 Felton declines to present paper
• May 3, 2001 – RIAA and SDMI say they never intended to sue
• June 6, 2001 – Felton files suit against RIAA asking for a
declaratory judgment that they would not be infringing
• November 28, 2001 – Case dismissed for mootness
DigiMarc
• Leading provider of
watermarking
technologies
• Plug-ins for Windows,
PhotoShop, etc.
• Communicates:
– Copyright ownership
– Image ID
– Image content – adult,
etc.
Tools and References
• Fabien a. p. penticolas
– http://www.petitcolas.net/fabien/steganography/
• Digimarc
• http://theargon.com/archivess/steganograp
hy/
• Hiding Secrets with Steganography, by
Dru Lavigne,
– http://www.onlamp.com/pub/a/bsd/2003/12/04
/FreeBSD_Basics.html
• http://www.outguess.org
“Mosaïc attack”
• Defeat an embedded watermark by
chopping up image and serving it in pieces
<nobr>
<img SRC="kings_chapel_wmk1.jpg‟ BORDER="0‟ ALT="1/6‟ width="116‟ height="140">
<img SRC="kings_chapel_wmk2.jpg‟ BORDER="0‟ ALT="2/6‟ width="116‟ height="140">
<img SRC="kings_chapel_wmk3.jpg‟ BORDER="0‟ ALT="3/6‟ width="118‟ height="140">
</nobr>
<br>
<nobr>
<img SRC="kings_chapel_wmk4.jpg‟ BORDER="0‟ ALT="4/6‟ width="116‟ height="140">
<img SRC="kings_chapel_wmk5.jpg‟ BORDER="0‟ ALT="5/6‟ width="116‟ height="140">
<img SRC="kings_chapel_wmk6.jpg‟ BORDER="0‟ ALT="6/6‟ width="118‟ height="140">
</nobr>
Mosaïc assembled
• Some websites use mosaics to deter casual
copying!
MP3Stego
• Hides information in MP3 files during the
compression process
• Takes advantage of the fact that MP3 provides
high-quality compression of 11:1
– Plenty of room for information hiding!
– Randomly chooses which parts of the Layer III inner
loop to modify; makes sure modifications don‟t
exceed threshold defined by the psycho acoustic
model.
• “Weak but better than the MPEG copyright flag
defined in the standard”
• Defeat by decompressing & recompressing
MP3Stego in action
http://www.petitcolas.net/fabien/steganography/mp3stego/index.html
Translucent Databases
(More Wayner Work,
if we have time…)
Translucent Database
• Instead of:
– INSERT INO purchases
values (“bob jones”, 55424, “36”, NOW())
• Use:
– INSERT INTO purchases
values (MD5(“bob jones”, 55424, “36”,
NOW())
TD‟s with Redundency
• INSERT INTO salaries2 VALUES (
MD5(“Fred Smith/1313 Mockingbird Lane/06-01-
1960/012-34-5678”),
MD5(“Fred Smith/1313 Mockingbird Lane/012-34-5678”),
MD5(“Fred Smith/1313 Mockingbird Lane/06-01-1960”),
MD5(“Fred Smith//06-01-1960/012-34-5678”), 60000, 5
20
)
Coordinating Users
nameHash1 nameHash2 Message
d3b07384d113edec49ea
a6238ad5ff00
2b00042f7481c7b056c4
b410d28f33cf
You‟ve got
some
explaining to do
2b00042f7481c7b056c4
b410d28f33cf
D3b07384d113edec49ea
a6238ad5ff00
It‟s not my fault!
Inserting into multi-user table
• INSERT INTO bboard1
Values(MD5(“Lucy”),MD5(“Ricky”),”You‟ve
got some explaining to do.”)
• INSERT INTO bboard1
Values(MD5(“Lucy”),MD5(“Ricky”),ENCRY
PT(”You‟ve got some explaining to do.”))
